diff --git a/tech_docs/Jinja2.md b/tech_docs/Jinja2.md index 52f59af..23064d8 100644 --- a/tech_docs/Jinja2.md +++ b/tech_docs/Jinja2.md @@ -159,4 +159,476 @@ Your Jinja2 mastery isn’t about "writing templates"—it’s about **designing 2. **Shape standards** for infrastructure-as-code. 3. **Lead the next wave** of low-code DevOps tools. -**Next Step**: Pick one high-leverage project (e.g., "Templated Data Mesh") and own it end-to-end. I’ll help you architect it! \ No newline at end of file +**Next Step**: Pick one high-leverage project (e.g., "Templated Data Mesh") and own it end-to-end. I’ll help you architect it! + +--- + +### **Jinja2 for Network Engineers: Automating the Boring, Scaling the Complex** +*(A tactical guide to templating network configs—no fluff, just CLI-ready examples.)* + +--- + +## **1. Immediate Wins with Jinja2 in Networking** +### **A. Device Config Templates (Cisco/Juniper/Aruba)** +**Problem**: Manually editing `interface`, `ACL`, or `BGP` configs for each device is error-prone. +**Solution**: Jinja2 + YAML variables. + +#### **Example: Standardized Interface Configs** +**`templates/cisco_interface.j2`** +```jinja2 +interface {{ interface.name }} + description {{ interface.description | default("UPLINK") }} + {% if interface.vlan %} + switchport access vlan {{ interface.vlan }} + {% endif %} + {% if interface.trunk %} + switchport mode trunk + switchport trunk allowed vlan {{ interface.trunk.vlans | join(',') }} + {% endif %} + ip address {{ interface.ip }}/{{ interface.mask }} +``` + +**`vars/switch01.yml`** +```yaml +interface: + name: GigabitEthernet0/1 + description: "Core Uplink to Router01" + trunk: + vlans: [10, 20, 30] + ip: 192.168.1.1 + mask: 24 +``` + +**Render it**: +```bash +# Install jinja-cli if needed: pip install jinja2-cli +jinja2 templates/cisco_interface.j2 vars/switch01.yml > configs/switch01.cfg +``` + +**Output**: +```text +interface GigabitEthernet0/1 + description Core Uplink to Router01 + switchport mode trunk + switchport trunk allowed vlan 10,20,30 + ip address 192.168.1.1/24 +``` + +--- + +### **B. Bulk ACL Generation** +**Problem**: Managing 50+ ACL rules across devices. +**Solution**: Define rules in YAML, template with loops. + +**`templates/acl.j2`** +```jinja2 +ip access-list extended {{ acl.name }} + {% for rule in acl.rules %} + {{ rule.action }} {{ rule.protocol }} {{ rule.src }} {{ rule.dst }} eq {{ rule.port }} + {% endfor %} +``` + +**`vars/firewall_rules.yml`** +```yaml +acl: + name: INBOUND_WEB + rules: + - action: permit + protocol: tcp + src: any + dst: 10.0.0.0/24 + port: 80 + - action: deny + protocol: udp + src: 192.168.1.100 + dst: any + port: 53 +``` + +**Render it**: +```bash +jinja2 templates/acl.j2 vars/firewall_rules.yml +``` + +**Output**: +```text +ip access-list extended INBOUND_WEB + permit tcp any 10.0.0.0/24 eq 80 + deny udp 192.168.1.100 any eq 53 +``` + +--- + +## **2. Advanced Use Cases (For Your Skillset)** +### **A. Multi-Vendor Configs (Cisco → Juniper)** +**Problem**: Same network design, different CLI syntax. +**Solution**: Single YAML source → vendor-specific templates. + +**`vars/ospf.yml`** +```yaml +ospf: + process_id: 100 + areas: + - id: 0 + networks: ["10.0.0.0/24", "192.168.1.0/24"] +``` + +**`templates/cisco_ospf.j2`** +```jinja2 +router ospf {{ ospf.process_id }} + {% for area in ospf.areas %} + network {{ area.networks | join(' ') }} area {{ area.id }} + {% endfor %} +``` + +**`templates/juniper_ospf.j2`** +```jinja2 +protocols { + ospf { + area {{ ospf.areas[0].id }} { + {% for network in ospf.areas[0].networks %} + interface {{ network | replace('/','/') }}; + {% endfor %} + } + } +} +``` + +**Render both**: +```bash +jinja2 templates/cisco_ospf.j2 vars/ospf.yml +jinja2 templates/juniper_ospf.j2 vars/ospf.yml +``` + +--- + +### **B. Dynamic Documentation (Visio → Text)** +**Problem**: Network diagrams don’t auto-update with config changes. +**Solution**: Generate diagrams from Jinja2-powered docs. + +**`templates/network_doc.j2`** +```jinja2 +# Network Design: {{ network.name }} + +## Core Devices +{% for device in network.devices %} +- **{{ device.name }}** ({{ device.vendor }}) + - IP: {{ device.mgmt_ip }} + - Role: {{ device.role }} +{% endfor %} + +## Topology +```mermaid +graph TD + {% for link in network.links %} + {{ link.src }} -->|{{ link.type }}| {{ link.dst }} + {% endfor %} +``` +``` + +**`vars/datacenter.yml`** +```yaml +network: + name: "Primary DC" + devices: + - name: "CoreSwitch01" + vendor: "Cisco" + mgmt_ip: "10.0.0.1" + role: "Core" + - name: "Firewall01" + vendor: "Palo Alto" + mgmt_ip: "10.0.0.2" + role: "Security" + links: + - src: "CoreSwitch01" + dst: "Firewall01" + type: "10G Fiber" +``` + +**Output**: +- Auto-generates Markdown with Mermaid diagrams. +- Feed into MkDocs for always-updated network docs. + +--- + +## **3. Tooling Stack for Network Automation** +| **Tool** | **Role** | **Jinja2 Integration** | +|--------------------|-----------------------------------|--------------------------------------| +| **Ansible** | Push configs to devices. | `template` module renders Jinja2. | +| **Python** | Custom scripts. | `jinja2` library (full control). | +| **NetBox** | Source of truth (IPs, devices). | Export data → Jinja2 templates. | +| **GitLab CI** | Auto-generate configs on changes. | `jinja-cli` in pipelines. | + +--- + +## **4. Pro Tips for Networking** +### **A. Secret Management** +- Use Ansible Vault or `ansible.builtin.copy` with `no_log: true` to embed credentials: + ```jinja2 + username {{ vaulted_username }} + password {{ vaulted_password }} + ``` + +### **B. Validation** +- Lint templates with: + ```bash + python -m jinja2 --check templates/*.j2 + ``` + +### **C. Debugging** +- Add `{{ debug() }}` to dump variables: + ```jinja2 + {# Check what 'interface' looks like #} + {{ debug(interface) }} + ``` + +--- + +## **5. Your Next Steps** +1. **Start Small**: + - Pick 1 repetitive task (e.g., VLAN assignments) → template it. +2. **Scale Up**: + - Integrate with NetBox (API) for dynamic data. +3. **Automate**: + - Git commit → CI pipeline → auto-generate configs. + +**Example Repo**: [network-automation-jinja2](https://github.com/example/network-automation-jinja2) + +--- + +### **Why This Matters for Your Job Posting** +DataVox wants someone who can **standardize** and **scale** network configs. Jinja2 lets you: +- Cut device provisioning time by 80%. +- Eliminate typos in ACLs/routing tables. +- Document networks **as code** (hello, Visio automation!). + +**You’re not just a Network Engineer—you’re the force multiplier.** + +--- + +### **Jinja2 as Your Secret Weapon for Network Solutions Architecture** + +As a Network Solutions Architect at DataVox, your Jinja2 expertise becomes a **force multiplier** for both technical credibility and sales effectiveness. Here's how to weaponize it: + +--- + +## **1. Pre-Sales Engineering Dominance** +### **A. Rapid Proposal Generation** +**Problem:** Manually building BoMs and network designs for each prospect is time-consuming. +**Solution:** Jinja2-powered templated proposals. + +**`templates/proposal.j2`** +```jinja2 +# {{ customer.name }} Network Modernization Proposal + +## Core Requirements +- **Business Drivers**: {{ use_cases | join(', ') }} +- **Compliance Needs**: {{ compliance_requirements | default('None specified') }} + +## Recommended Architecture +{% if 'sdwan' in solutions %} +### SD-WAN Implementation ({{ vendors.sdwan }}) +- Edge Devices: {{ device_counts.sdwan }}x {{ models.sdwan }} +- License Tier: {{ licensing.sdwan }} +{% endif %} + +## Bill of Materials +| Item | Qty | Unit Price | Extended | +|------|-----|------------|----------| +{% for item in bom %} +| {{ item.name }} | {{ item.qty }} | ${{ item.unit_price }} | ${{ item.qty * item.unit_price }} | +{% endfor %} +``` + +**Render it:** +```bash +jinja2 templates/proposal.j2 vars/acme_corp.yml > proposals/acme_2024-03.md +``` + +**Impact:** +- Cut proposal time from 8 hours → 30 minutes +- Ensure consistency across all customer deliverables + +--- + +### **B. Interactive Demo Environments** +**Problem:** Static PowerPoint can't showcase real network flexibility. +**Solution:** Live-rendered topology visualizations. + +**`templates/demo_topology.j2`** +```jinja2 +```mermaid +graph TD + {% for device in demo_network.devices %} + {{ device.name }}["{{ device.type }}: {{ device.name }}"] + {% endfor %} + + {% for link in demo_network.links %} + {{ link.src }} -->|{{ link.bandwidth }}| {{ link.dst }} + {% endfor %} +``` +``` + +**Sales Play:** +1. Load prospect's actual requirements into YAML +2. Live-edit during discovery calls ("What if we change this link to 10G?") +3. Instant visual update in real-time + +--- + +## **2. Technical Design Authority** +### **A. Multi-Vendor HLD Templates** +**Problem:** Customers want to see Cisco/Palo Alto/Fortinet options. +**Solution:** Single design → vendor-specific outputs. + +**`vars/mpls_design.yml`** +```yaml +network: + name: "MPLS Migration" + sites: + - name: "HQ" + routers: 2 + firewall: "Palo Alto PA-440" + - name: "Branch" + routers: 1 + firewall: "FortiGate 100F" +``` + +**`templates/cisco_design.j2`** +```jinja2 +{% for site in network.sites %} +! {{ site.name }} Configuration +router bgp 65001 + neighbor {{ site.ip }} remote-as 65001 + {% if site.routers > 1 %} + ! HA Pair Configuration + redundancy + mode sso + {% endif %} +{% endfor %} +``` + +**Differentiation:** +- Present **3 vendor options** in the time competitors deliver one +- Prove technical depth without manual rework + +--- + +### **B. Compliance Automation** +**Problem:** Healthcare/finance clients need NIST/HIPAA documentation. +**Solution:** Auto-generate compliance matrices. + +**`templates/nist_controls.j2`** +```jinja2 +## NIST 800-53 Compliance Report for {{ customer.name }} + +### AC-2: Account Management +Implementation Status: {% if 'active_directory' in solutions %}Compliant{% else %}Not Implemented{% endif %} + +Controls: +{% for control in nist_controls %} +- [{% if control.implemented %}X{% else %} {% endif %}] {{ control.id }}: {{ control.description }} +{% endfor %} +``` + +**Client Impact:** +- Turn compliance from a 3-week audit → 1-hour conversation starter + +--- + +## **3. Sales Enablement Systems** +### **A. Competitive Battlecards** +**Problem:** Engineers waste time recreating vs. Cisco/Fortinet comparisons. +**Solution:** Dynamic competitive analysis templates. + +**`templates/battlecard.j2`** +```jinja2 +# Competitive Analysis: {{ our_solution }} vs {{ competitor }} + +## Feature Comparison +| Capability | Our Solution | {{ competitor }} | +|------------|--------------|------------------| +{% for feature in features %} +| {{ feature.name }} | {{ feature.our_rating }}/5 | {{ feature.their_rating }}/5 | +{% endfor %} + +## Talking Points +{% for point in talking_points %} +- {{ point }} +{% endfor %} +``` + +**Usage:** +```bash +jinja2 templates/battlecard.j2 vars/cisco_comparison.yml +``` + +--- + +### **B. ROI Calculators** +**Problem:** Customers want hard numbers on OpEx savings. +**Solution:** Data-driven Jinja2 templates. + +**`templates/roi.j2`** +```jinja2 +Based on {{ customer.employee_count }} users and {{ customer.bandwidth_usage }}Mbps utilization: + +## 5-Year Savings Projection +- **Current Spend**: ${{ current_costs | sum }} +- **Proposed Spend**: ${{ proposed_costs | sum }} +- **Savings**: ${{ (current_costs | sum) - (proposed_costs | sum) }} + +Breakdown: +{% for item in cost_items %} +- {{ item.name }}: Reduce from ${{ item.current }} → ${{ item.proposed }} +{% endfor %} +``` + +--- + +## **4. Implementation Playbook** +### **A. Customer Onboarding Kits** +**Problem:** Handoffs from sales to delivery teams lose context. +**Solution:** Auto-generated runbooks. + +**`templates/onboarding.j2`** +```jinja2 +# {{ customer.name }} Implementation Guide + +## Network Details +{% for site in sites %} +### {{ site.name }} +- Devices: {{ site.devices | join(', ') }} +- IP Schema: {{ site.subnet }} +{% endfor %} + +## Phase 1 Tasks +{% for task in implementation_plan %} +{{ loop.index }}. [ ] {{ task }} +{% endfor %} +``` + +--- + +## **5. Certification Path** +### **Architect-Level Jinja2 Mastery** +1. **Ansible Certified Content Developer** (Red Hat) +2. **Jinja2 + NetBox Integration** (Custom Solutions) +3. **Build Your Own:** + - Internal "DataVox Templating Standards" + - Patentable config generation workflows + +--- + +### **Why This Wins Deals** +1. **Speed:** Respond to RFPs 5x faster than competitors +2. **Precision:** Eliminate errors in BoMs/designs +3. **Trust:** Demonstrate technical depth through automation + +**Your New Title:** *"The Architect Who Automates"* + +Want to build the first template? Let's start with: +```bash +mkdir -p ~/datavox-templates/{vars,templates,output} +``` +